Disruptive Technologies

Blockchain is the underlying distributed ledger technology for cryptocurrencies such as Bitcoin; it has been at the forefront of business news in the last two years. Fortunes have been built... Read more

Digital Strategy + Transformation

During the recent Enaxis Leadership Forum at Rice University, one panel of CIOs explored the recent impact of digital focus to their roles. Unlike many trends in technology, digital transformation... Read more

Intelligent Visualization

Over the last two decades, businesses have been creating and consuming data in exponential quantities due to advances in technology. The data management industry has emerged from this data explosion... Read more

Outsourcing Advisory

Client Challenge A leading airlines aimed to reduce costs and increase efficiency in the back office functions of its cargo division Many competitors had already successfully offshored these functions, giving... Read more

Digital

The Retail Marketplace has always been a rapidly changing landscape, but never more so than right now. Technological innovations, information availability and economic forces are changing consumer shopping habits and... Read more

ENAXIS LEADERSHIP FORUM IN COLLABORATION WITH THE KEN KENNEDY INSTITUTE AT RICE UNIVERSITY The Enaxis Leadership Forum, in collaboration with the Ken Kennedy Institute at Rice University, is an invitation-only... Read more

People Powering Digital Transformation These days, “digital transformation” is an increasingly popular phrase in the business world, and it is challenging organizations to carefully consider how... Read more

Working together

Digital Strategy + Transformation

During the recent Enaxis Leadership Forum at Rice University, one panel of CIOs explored the recent impact of digital focus to their roles. Unlike many trends in technology, digital transformation... Read more

Cybersecurity + Risk Management

Mind the Gap: Cybersecurity in Corporate Training

By Ann Steel
| Published on Apr. 28, 2017

Over the years, I have had the opportunity to travel often for my career. Of all the cities I’ve visited, London is one of my favorites. On a recent visit, one thing became overwhelmingly clear; The city aims to build awareness in its citizens and visitors and to change their behaviors. How so? You have probably seen a version of the famous London Underground sign: MIND THE GAP.

If you aren’t familiar with it, this insignia is displayed at the edge of train platforms to remind passengers of the gap between the walkway and the train car. The purpose of the message is to boost awareness and ultimately, alter passenger behavior. Similarly, this is also the purpose of training in corporations – to increase the awareness of employees,to change their behaviors and increase their safety.

Over the last few decades, companies have reacted to legal and financial threats, as well as safety threats, by building a collection of mandatory training for their personnel. Following the founding of OSHA in the 70’s, we saw a rise in training around safety-related behaviors, both in the field and in the office. In the 80’s, sexual harassment was a hot topic, and even lawyers joined the business of training clients on both the law itself, and the behaviors that were and were not acceptable. Following major ethical lapses and the Enron failure in 2001, corporations set their sights on ethics training. Today, those training topics are the norm, and new topics continue to be added in, such as cultural sensitivity, and improving diversity in the workplace.

These surges in training topics usually follow months or even years of accidents, injuries, lawsuits, and/or bad press. After years of data breaches, data privacy concerns, and the next wave of internet connected devices, cybersecurity has now reached that threshold. Given current risks to data privacy and work product, here is the question:

If we are aware of the gap, why aren’t we using training to lessen our risk? Look at the list of required training in your own company – you will likely find the classics, but is there anything focused specifically on cybersecurity? Should you care? The answer is yes because, of course, the gap presents a risk to any business, especially considering following factors.

Unawareness
Awareness is the first step to change. Unfortunately, the majority of people are largely unaware of the cyber risks they face every day at work. Ask the next 10 people you see, “Do you use the cloud at work?” Most will say no. Then ask if they’ve checked Facebook. The answer will be “of course”, but they are missing the fact that Facebook is cloud. What would happen if you called 10 users in your organization and asked for their passwords while masquerading as the Helpdesk? Research shows that a high percentage of people will willingly give you their password without asking for any verification.

The Rise of BYODGartner predicts that in 2017, 90% of organizations will support some aspect of a BYOD (Bring Your Own Device) strategy. As BYOD programs grow and users have more and more company data on their personal devices, employers are losing visibility over data and where it is stored. Additionally, in many countries, privacy laws make it difficult for a company to delete or recover data from an employee’s phone, so companies are losing access and control, as well.

Once aware, employees understand the risks and can adopt behaviors to better protect themselves and their organization’s data. They must limit exposure to risk by knowing what to, and what NOT to do.

Training can enlighten and empower employees, but safe cyber behaviors must be integrated into the culture, “baked in – not bolted on”, as they say. Phishing campaigns and other security initiatives can be included, in order to strengthen the overall training effectiveness. Train your employees from day one – Include cybersecurity training in onboarding, remind them in meetings, re-enforce the positive behaviors and track the risky ones. Build the cultural awareness, and reinforce it with annual refresher training. The cyber train is coming – Mind the gap!